Firewalls aren't doing a good enough job of protecting corporate networks, according to a Microsoft security expert. Speaking in London on Monday at a technical briefing on the need for next generation firewalls, Microsoft security technology architect Fred Baumhardt outlined some of the gaps that traditional firewalls are leaving open. . . .
Firewalls aren't doing a good enough job of protecting corporate networks, according to a Microsoft security expert. Speaking in London on Monday at a technical briefing on the need for next generation firewalls, Microsoft security technology architect Fred Baumhardt outlined some of the gaps that traditional firewalls are leaving open.

"We are all bloody lucky that something hasn't obliterated IT on earth," said Baumhardt. "Firewalls are like retarded routers. They just look at the ports, sources and destinations they like. If a train comes from Gare du Nord [Paris] to Waterloo [London] via Eurostar you allow it to enter the country because you trust it. That's what firewalls currently do. They don't check to see if al-Quaeda is riding inside."

Ports allow certain types of Internet traffic to travel if they correspond with the correct port number. For example, HTTP runs on port 80 and is often regarded as a trusted port, and left open. In the past firewalls have often worked on this basis, without checking the content of traffic. But Baumhardt called for IT professionals to ensure they had better equipment.

The link for this article located at zdnet.co.uk is no longer available.